| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Álvaro Hernández Tortosa <aht(at)8kdata(dot)com> |
| Cc: | Andres Freund <andres(at)anarazel(dot)de>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Some thoughts about SCRAM implementation |
| Date: | 2017-04-11 12:59:18 |
| Message-ID: | CAB7nPqRT9+8Kt0B-3RGf1bOWXXTKosGDD735FKfrYXbnj3mDsA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Apr 11, 2017 at 9:53 PM, Álvaro Hernández Tortosa
<aht(at)8kdata(dot)com> wrote:
> I know this is a lost battle. But please bear with me for a minute.
I admire your courage.
> But just a bit more is needed to make it really a big announcement and
> provide real value to (I guess, mostly but very interesting) enterprise
> customers, for which MITM and impersonating are big things. The good news is
> that adding channel binding is like inverse Paretto: a 20% of extra effort
> (I bet significantly less) leads to 80% improvement.
We'll get that into PG11, don't worry. At least Heikki or I will submit a patch.
> So CF v10 is over. So we're on testing phase. Can't we consider this a
> "missing feature bug"? ^_^
We should really focus on stability. There is still a bit more to do,
and for SCRAM we have added already a lot of infrastructure so this
should be improved first. And then we can work on extending it on a
sane basis.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ashutosh Bapat | 2017-04-11 12:59:44 | Re: Partitioned tables and relfilenode |
| Previous Message | Álvaro Hernández Tortosa | 2017-04-11 12:53:24 | Re: Some thoughts about SCRAM implementation |